542217cd36ff264487af5040b75fe8ae

Sharing

Copy URL Twitter E-mail

General

Target

542217cd36ff264487af5040b75fe8ae
Size

115KB
MD5

542217cd36ff264487af5040b75fe8ae
SHA1

0246032f2128d44eb2f8cb1e66b9e9dbf3ddb2d9
SHA256

e8ed528faa1f8f6c657faf1de2b9c0337588de56f028ee9c3b947bb845f5696b
SHA512

5d5c90223150f66deaf3df4d84d0f9067e789e290c1dac70b4eadad5121cccbd1437e84ca923bfebe26b4b452a7d67cc83ff280ea1a81ae9b5baba3b9b39947b
SSDEEP

3072:BYJwta3L3nvYVKo4yDZINNBYZUTMW//tdg54S:RMDYZCB4iMW/16

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
542217cd36ff264487af5040b75fe8ae

Files

542217cd36ff264487af5040b75fe8ae
.exe windows:4 windows x86 arch:x86

cac4a2bd8e046624a0070fc4228fcb33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA
SetCursor
GetSystemMetrics
DestroyMenu
GetKeyboardLayout
EndPaint
SystemParametersInfoA
GetWindowPlacement
SetWindowPos
CharNextW
GetCapture
SetWindowLongA
MsgWaitForMultipleObjects
GetWindowDC
OpenClipboard
WindowFromPoint
TranslateMessage
UpdateWindow
EnableMenuItem
CallNextHookEx
CreateWindowExA
CreateIcon
LoadStringA
GetKeyboardLayoutList
GetScrollPos
IsWindowVisible
SendMessageW
SendMessageA
OffsetRect
SetParent
AdjustWindowRectEx
SetMenu
SetMenuItemInfoA
SetScrollPos
ScreenToClient
EnumChildWindows
PostQuitMessage
DestroyIcon
EmptyClipboard
CheckMenuItem
ReleaseDC
CharUpperBuffA
RegisterClipboardFormatA
GetMenuState
GetScrollInfo
DrawMenuBar
GetSubMenu
BeginPaint
GetActiveWindow
GetMenu
RegisterClassA
MapVirtualKeyA
RemoveMenu
PeekMessageW
IsWindow
SetTimer
IsDialogMessageW
ShowScrollBar
IsWindowEnabled
FindWindowA
DrawIcon
GetPropA
GetLastActivePopup
wsprintfA
RegisterWindowMessageA
LoadCursorA
GetMenuItemCount
GetClassLongA
CreatePopupMenu
MessageBoxA
RemovePropA
SetWindowTextA
IsWindowUnicode
EnumWindows
ChildWindowFromPoint
TranslateMDISysAccel
GetFocus
SetClassLongA
ShowWindow
CharToOemA
CharNextA
SetCapture
GetKeyboardLayoutNameA
ReleaseCapture
MessageBeep
DefMDIChildProcA
GetForegroundWindow
GetClipboardData
GetWindow
SetWindowLongW
SetPropA
GetCursorPos
IsZoomed
IsDialogMessageA
GetDesktopWindow
DefWindowProcA
SetWindowsHookExA
UnregisterClassA
GetClientRect
GetClassNameA
CreateMenu
DefFrameProcA
UnhookWindowsHookEx
EnableScrollBar
SetFocus
OemToCharA
MoveWindow
DrawEdge
SetScrollRange
SetActiveWindow
IntersectRect
FillRect
ShowOwnedPopups
DispatchMessageA
SetRect
CharLowerBuffA
GetMenuStringA
GetClassInfoA
InsertMenuItemA
KillTimer
CloseClipboard
InsertMenuA
DestroyWindow
IsChild
GetWindowThreadProcessId
IsIconic
MapWindowPoints
GetDlgItem
LoadIconA
GetScrollRange
SetForegroundWindow
DrawFrameControl
GetMenuItemID
DrawAnimatedRects
GetIconInfo
WaitMessage
DispatchMessageW
EnableWindow
GetMessagePos
GetCursor
EnumThreadWindows
PeekMessageA
SetClipboardData
InflateRect
ScrollWindow
GetMenuItemInfoA
GetSysColorBrush
GetWindowLongW
ActivateKeyboardLayout
CharLowerA
GetSystemMenu
GetTopWindow
DeleteMenu
PostMessageA
GetSysColor
EqualRect
DrawTextA
SetWindowPlacement
GetWindowTextA
GetKeyboardState
TrackPopupMenu
DestroyCursor
GetWindowLongA
RedrawWindow
PtInRect
GetDCEx
GetKeyState
GetKeyNameTextA
InvalidateRect
LoadKeyboardLayoutA
IsRectEmpty
DrawIconEx
LoadBitmapA
GetDC
ClientToScreen
FrameRect
GetKeyboardType

msvcrt

wcsncmp
acos
fabs
cos
memmove

kernel32

FindFirstFileA
LocalReAlloc
GetOEMCP
MulDiv
ExitThread
GlobalFindAtomA
HeapDestroy
lstrcmpiA
GetProcessHeap
GetLocaleInfoA
InitializeCriticalSection
LocalFree
GetLocalTime
LoadLibraryA
lstrcatA
FreeResource
GetFileSize
GetFullPathNameA
lstrcpynA
MoveFileA
GetStringTypeW
GetStartupInfoA
ResetEvent
GlobalDeleteAtom
GetSystemDefaultLangID
SetHandleCount
GetCurrentProcess
GetCurrentThread
SetLastError
GetUserDefaultLCID
CreateFileA
GetVersionExA
DeleteCriticalSection
SetEvent
SizeofResource
GetFileAttributesA
GetCurrentProcessId
GetProcAddress
LoadLibraryExA
LoadResource
GetStringTypeA
ExitProcess
GlobalAddAtomA
GetVersion
Sleep
HeapAlloc
GetEnvironmentStrings
lstrcpyA
SetEndOfFile
lstrcmpA
GetCurrentThreadId
CompareStringA
GetCommandLineA
VirtualFree
VirtualQuery
GetFileType
WaitForSingleObject
CreateThread
GlobalAlloc
GetStdHandle
DeleteFileA
GetTickCount
EnterCriticalSection
HeapFree
EnumCalendarInfoA
WideCharToMultiByte
LockResource
LocalAlloc
VirtualAlloc
WriteFile
ReadFile
GetCPInfo
GetModuleFileNameA
GetThreadLocale
FindClose
GetLastError
MoveFileExA
FormatMessageA
SetFilePointer
FreeLibrary
RaiseException
SetThreadLocale
GetModuleHandleA
VirtualAllocEx
SetErrorMode
lstrlenA
CreateEventA
CloseHandle
GetACP

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cac4a2bd8e046624a0070fc4228fcb33

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.bss Size: 7KB - Virtual size: 6KB

.edata Size: 4KB - Virtual size: 4KB

.text
Size: 102KB - Virtual size: 102KB

.bss
Size: 7KB - Virtual size: 6KB

.edata
Size: 4KB - Virtual size: 4KB